Don't enable TLS when --without-* flags are used #7994
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stanhu
force-pushed
the
sh-really-disable-without-ssl-flags
branch
from
2fbffca
to
8e3080a
Compare
Previously specifying `--without-gnutls` would unexpectedly attempt to compile with GnuTLS, effectively interpreting this as `--with-gnutls`. This caused a significant amount of confusion when `libcurl` was built with SSL disabled since GnuTLS wasn't present. 68d89f2 dropped the `--without-*` options from the configure help, but `AC_ARG_WITH` still defines these flags automatically. As https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.html describes, the `action-if-given` is called when the user specifies `--with-*` or `--without-*` options. To prevent this confusion, we make the `--without` flag do the right thing by ignoring the value if it set to "no".
stanhu
force-pushed
the
sh-really-disable-without-ssl-flags
branch
from
8e3080a
to
4041674
Compare
maxlazio
pushed a commit
to gitlabhq/omnibus-gitlab
that referenced
this pull request
Nov 12, 2021
curl/curl@68d89f2 dropped the use of `--without-gnutls` in favor of `--with-*` options. This commit actually had the opposite effect of enabling GnuTLS when `--without-gnutls` were set. curl/curl#7994 fixes this behavior. We can drop this now that this does completely the opposite of what it is supposed to be doing. Discovered in https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/5592#note_731305703 Changelog: fixed
bagder
approved these changes
Nov 12, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Previously specifying
--without-gnutlswould unexpectedly attempt to compile with GnuTLS, effectively interpeting this as--with-gnutls. This caused a significant amount of confusion whenlibcurlwas built with SSL disabled since GnuTLS wasn't present.68d89f2 dropped the
--without-*options from the configure help, butAC_ARG_WITHstill defines these flags automatically. As https://www.gnu.org/software/autoconf/manual/autoconf-2.60/html_node/External-Software.htmldescribes, the
action-if-givenis called when the user specifies--with-*or--without-*options:The scripts didn't check whether "yes" or "no" was specified, so "yes" was the default.
To prevent this confusion, we make the
--withoutflag do the right thing by ignoring the value if it set to "no".